CVE-2025-47809

CWE-2723 documents3 sources

Severity

8.2HIGH

EPSS

0.1%

top 78.72%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wibu Codemeter

Timeline

PublishedMay 16

Description

Wibu CodeMeter before 8.30a sometimes allows privilege escalation immediately after installation (before a logoff or reboot). For exploitation, there must have been an unprivileged installation with UAC, and the CodeMeter Control Center component must be installed, and the CodeMeter Control Center component must not have been restarted. In this scenario, the local user can navigate from Import License to a privileged instance of Windows Explorer.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:HExploitability: 1.5 | Impact: 6.0

Affected Packages1 packages

▶CVEListV5wibu/codemeter< 8.30a

🔴Vulnerability Details

GHSA

GHSA-2rfr-r5fg-2857: Wibu CodeMeter before 8↗2025-05-16

▶

CVEList

CVE-2025-47809: Wibu CodeMeter before 8↗2025-05-16

▶